On Tue, May 27, 2014 at 12:17 AM, Peter Bex <peter....@xs4all.nl> wrote:
> This is run within the kernel context, and arbitrary code in this bytecode > can be uploaded. It reins in power by allowing only a fixed length for the > program and by allowing only jumps to forward addresses, which precludes > loop, making it effectively non-Turing complete. What's particularly interesting is extended BPF (eBPF) allows backwards jumps, with a catch: https://lwn.net/Articles/575531/ "Every jump is mapped and, while backward jumps are allowed, jumps to previously executed parts of the program are not, so loops should not be possible." -- Tony Arcieri
_______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
